On 11/30/25 02:14, Alexander Kanavin wrote:
On Sat, 29 Nov 2025 at 16:41, Chen Qi via lists.openembedded.org
<[email protected]> wrote:
It's possible that users use EXTRA_USERS_PARAMS to set password
for root or explicitly expire root password. So we need to check
these two cases to ensure the 'no password' banner is not misleading.
As an example:
In conf/toolcfg.cfg:
OE_FRAGMENTS += "distro/poky core/yocto/root-login-with-empty-password
In local.conf:
INHERIT += "extrausers"
EXTRA_USERS_PARAMS += " passwd-expire root;"
Note that allowing 'empty-root-password' image feature + setting/expiring
root password has been working since available. This patch focuses on
the banner. We want to ensure that it's there only when root really has
empty password.
Ok, it took me a moment (and an image build/runqemu execution) to
figure out the use case for the above. Which is: make an image that
requires setting a root password on first boot, but without having to
first enter a static initial password. In which case the banner is
indeed misleading.
The patch can probably be tweaked to ensure the check for needing to
add a banner runs last (at the point where no further modifications to
the root filesystem are going to happen), and it can be made
unconditional, and only checking the actual content of the root
filesystem, and not accessing IMAGE_FEATURES at all.
Is that ok? Can you do it like that? And tweak the commit message to
explain what that configuration actually does :)
Alex
Yes. Good idea.
I'll use this method in V4. I'll also re-order these two patches.
Regards,
Qi
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#226954):
https://lists.openembedded.org/g/openembedded-core/message/226954
Mute This Topic: https://lists.openembedded.org/mt/116527245/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
